Microsoft Intune Reviews

Essentially, we use it to manage devices. We are looking at potentially moving away from VMware and bringing mobile devices and tablets into Intune along with desktops and laptops, which we currently manage, so that it serves as an all-in-one active asset list where we can look at the health of the entire technical estate. We can manage against threats. We can roll out apps, policies, et cetera. We can also manage logins, reset logins, et cetera, and it's an all-in-one, 24/7 solution.

Microsoft Intune has absolutely improved the way our organization functions. We're currently going through the AAD migration, so we are transitioning away from the old on-premise domain to Azure. The ability to take devices that were locally managed via AD but weren't managed via Intune is brilliant. We can see who last logged in, who it's managed by, which OS is there when it was last updated, etc. It gives us a micro overview of what's happening there.

Generally, we find it quite useful. We don't use it to the full extent. We've only got a P1 license, but generally, the application health and the ability to create and manage policies are valuable. We can split them very quickly into groups, multiple policies, etc. So, it's those core basics that we use, but they work very well.

It's very informative when there is an error. It allows us to backtrace where the error is and resolve that ourselves. It's a bit of a Swiss Army penknife. We find that it fixes most issues.

I'd like some more reporting so that I don't have to delve into PowerShell and I can pull more of the local device information such as memory, apps installed, etc. It would be nice to be able to see the apps that are present there but might not be managed. For example, if they installed 7Zip, it could report that back via an installed program or feature to see what was currently installed. Generally, it works, and nobody complains about it.

I've been using this solution for a couple of years.

Sometimes, they can take a little while to come back in showing that they are compliant. Typically, they may show us as not compliant even when we are. Typically, we find that it takes a couple of hours or a couple of days at worst for the machines to show as being compliant for them to settle down, but generally, it does what it says on the tin. We can set the policy, and we can put a machine or put a device into a group. That policy gets defined or pushed out, and it works. We can then move on to the next job. From my perspective, it works well, and that's why I'm just looking forward to using more Azure technologies moving forward.

It's deployed across multiple locations, departments, teams, and endpoints.

I haven't had any experience with them.

At the moment, we're using VMware AirWatch, which isn't my first choice purely because it's a super segmented platform. We are predominantly, about 95%, Microsoft. It feels a bit of an oversight not having a solution on a Microsoft platform where we've got full transparency and can make live changes. Currently, we have to go through our outsourced IT to make the changes and then we have to wait to see those changes rather than me or a colleague being able to make those changes in a live environment, so it would be my personal preference to get that moved over, which we're looking at. 

I wasn't a party to why they used AirWatch. I presume it was bundled in with the Microsoft service partner's offering originally. The IT team here is quite new. I've only been in the post for about a month, and my IT manager has only been in the post for about two months. We're just making sure that everything is easy to use and easy to manage, and it's cost-efficient for the charity moving forward.

Essentially, the way it was set up, it wasn't set up as a hybrid model. At the moment, we have got on-premises, and we have a cloud, but they're not joined. There is no passthrough, which is interesting. A lot of the on-premise has been copied over to the cloud. We are now taking the cloud to default, and the overall plan is to mothball the servers and reuse those as very high-powered desktops wherever possible. I just predominantly use the cloud.

I was not involved in its deployment, but in terms of maintenance, typically, our MSP makes the changes, but I've got GA rights to make anything that is critical. Generally, there are about 20 people at the Microsoft solution partner, and there are four of us on the IT team. There are less than 30 people in total.

I'm not sure. Certainly, it has been at least three years since the software has been rolled out, but it's not particularly well maintained by the solution partner. So, it's hard to measure the ROI. It does have merit, but in our particular sector, it's just overkill. We just need to make small and light changes whilst having effective security. We don't need corporate class, biometric/conditional access level security. Whilst we have multiple offices, they're very small. They're all under 20 users, and there's a lot of work from home. So, as long as we've got encryption, a form of AV, an anti-spam, and good account security, it certainly staves off a lot of the threats.

Personally, I feel that we haven't had the ROI purely because we're paying about £13,000 for under 300 users a year, which is a little bit top-sized. My personal feeling is to make a business case to switch to Microsoft Defender. Obviously, we've got P1 in our business premium licensing, so we've got a very basic protection at the moment that we don't use. We've got a large number of credits, and we could use those credits to switch over for a year to a higher project and see where we go from there.

Generally, it's not too bad. Obviously, a cheaper price would be great. Typically, we are in touch with the partner to provide non-profit discounts wherever possible. Generally, we get favorable discounts, so it's not too bad. Obviously, we're looking at decreasing those wherever we can to bring value back to the public purse because it's all charity based. It's all publicly funded.

Create a test group and create test policies, and then just test, test, and test before anything is rolled. It's the usual IT gambit. Test everything, and then just test it again before you roll it out.

I worked for a couple of MSPs before. I've seen it in very remote areas. I'm very impressed with it. Whilst it seems almost fashionable to criticize Microsoft, Intune is pretty much a well-laid-out product. It does what it says it's going to do. There is a lot of dependence on Microsoft products being pushed to it, and that's probably my only criticism. It would be good if Intune was a bit more open-source, but that would lead to more complications. It's a bit of a complicated beast, but generally, I like it.

I'd rate Microsoft Intune a nine out of ten. I'm happy with it.

The primary use case of Microsoft Intune is for patch management and app deployment.

Microsoft Intune is deployed in a hybrid environment and we use Atel cloud.

I can see that the patch management process is much improved with the bundled patch management option available in Microsoft Intune compared to the KPI deployment required by the other deployment solutions.

Deploying an app can be a complex process due to dependencies. For example, I have a package with three files that need to run, but one of them has a dependency on another one. This can be challenging to manage with the Intune app deployment and has room for improvement.

I have been using the solution for one month.

We have premium technical support from Microsoft.

We currently also use BigFix.

We have not yet implemented the solution but the app deployment is a bit complex.

When we add a device to the Azure domain, the activation process for Intune is simple and straightforward with no added complexity.

We partnered with Microsoft to help us implement the solution in our environment.

Intune is cost-effective as it is included in some of the Office 365 packages. GMF can be more expensive.

We evaluated Jamf Pro and will be rolling it out for Apple devices.

I give the solution a seven out of ten.

As of now, we deployed the solution onto 10,000 devices and when completed it will be 30,000 devices. The solution is used in multiple departments in multiple geographical locations.

Microsoft Intune is a Windows solution, and organizations can take advantage of its features. However, I would not recommend using iOS devices with Microsoft Intune as it is suited for Windows only.

We use the solution for auto-enrollment with app EPP and application deployment with EPP.

We're currently testing the possibility of using the solution as a new MDM tool for mobile applications.

All regions and departments operate on the same model; we turn on the device, select if it's personal or corporate, and all the products and profiles are loaded onto it.

The solution hasn't improved our organization yet, as we're still in the testing phase and have yet to go into full production.

The ability to switch between Affinity and non-Affinity enrollment is great. 

The wiping features are very good. 

The capacity to create more profiles and switch between corporate and personal devices are beneficial features.

One of the main advantages of Intune is that it's a Microsoft product, so it integrates with the other MS products we use.

The solution needs to be better for managing laptops; many functions are still unavailable in this regard.

The scalability could be improved, and like most other MDM products, Intune is good but not 100% there yet.

We've been using the solution for a couple of years. 

The stability is good, and there has been a lot of progress since I last used the solution.

The solution is working well for the most part, but some improvements could be made to the scalability. 

I never had to contact technical support. 

I previously used MobileIron UEM and VMware Workspace ONE.

I wasn't involved in the initial deployment. Now that it's set up, deployment to devices requires turning the phone on, and the device will automatically pull up the profile if the client is linked to our Apple Business Manager tool. We currently have one staff member involved with the maintenance, but we're looking into distributing it to others on the same team.  

The pricing for Intune and the competitor products are all within the same range, there is no true advantage when it comes to cost. 

I evaluated MobileIron and VMware. 

I rate the solution seven out of ten. 

We have yet to reach a level where we can notice flaws or identify areas for improvement since we're still checking and have yet to run the solution through a capability list.

My advice to others evaluating Intune is that it's the best solution for mobile devices like Androids and iPhones. However, if you're rolling out physical laptops, I recommend using a second tool, as there are still many unavailable options on the Intune app for laptops.  

The solution is deployed on cloud. I'm part of the support team. There's another server team that works closely with Microsoft. They purchased an old 365 license, and Intune was one of the included features. We wanted to take advantage of the feature because it was part of the package. That's why our top management decided to save some costs by making use of Intune and not using AirWatch anymore.

We are enrolling through the Intune company portal, and then we are using the Outlook app to configure the email addresses of the company.

We are using the mobile feature, and we are also using MDM to lock the devices, to push restrictions, et cetera. Compared with AirWatch, I think it's easier to manage the devices and the profiles in AirWatch. Intune has a lot of options, but I've only been playing around with it for a few months.

In the past, I raised some tickets for the enhancement feature, which was missing in Intune. It can take a long time for these features to appear, or maybe they will just never happen.

There are certain things that I'm trying to replicate from AirWatch, and it's not possible.

In AirWatch, we have a launcher, which is like a container. You can choose single-app mode or multi-app mode. But in Intune, for example, you need to factory reset the device and then apply the MDM. If we choose multi-app mode, which is the kiosk multi-app mode in Intune, I cannot lock the application on the screen. For example, in the set mode, you have the option to set the leave Kiosk password. You can exit the kiosk. But if you choose Intune multi-app mode, you don't have this leave kiosk option. For us, it's very useful.

If you have this leave kiosk option in the multi-app, you should also have it in the single-app mode. We need this because we have an application that you run on a tablet in hotel rooms, and we want to lock the application in a single-app mode, but besides the application, we also need to have some background applications running, like we need to do some configurations in Knox from Samsung, and eFolder. 

We have three applications that we need to push, but the guests will only be able to see one. Because I don't have the option to leave the kiosk in the single-app mode, I cannot do any configuration in the background apps. We have one app we cannot migrate to Intune from AirWatch because of this issue. This applies to more than 2,000 devices.

I think we need the leave Kiosk option available for the Kiosk single-app mode, because we are stuck with at least 2,000 devices or more because we want to completely retire AirWatch, but we cannot until this feature is available. The applications that we are using in our hotel rooms are not compatible with Intune. My bosses are not really satisfied because we still have expenses with purchasing a license with AirWatch because Intune cannot really fulfill our requirements.

This option is already available in the multi-app mode. It should not be a new feature. This feature already exists. They just need to apply the single-app mode the same way they're applying the multi-app mode.

Compared with AirWatch, Intune is not very stable because I haven't had to deal with these issues. With AirWatch, I would try to fix something and I would need to fine tune the settings, et cetera. But once I fine-tune and push everything, it will run and be stable. With Intune, we are new with this product, but it took some time for me to create a profile and test the devices. It has been working for a few months, but then suddenly this weird issue happened. It affected all devices at once.

In the Outlook application, the scalability is good so far. But there are some differences between on-premises mailbox users and cloud users. For example, let's say I'm my boss's assistant and I'm able to view my boss's calendar on my Outlook desktop. Let's say I want to view a shared calendar on my Outlook app. For the cloud-use mailbox, I'm able to do this, but if I'm an on-premises mailbox user, this option is not available. Usually the cloud mailbox users have more options than on-premise users.

We have around 2,000 users enrolled in Intune so far, not counting the MDM device. That includes just email, the one that I have enrolled in the Outlook email app.

Our plan is to keep the solution because our primary solution for email mobile is now Intune because we are retiring AirWatch. We have already retired the email for AirWatch, and we are just using AirWatch for MDM devices. Of course, the plan is to keep increasing usage. If more users request email on their mobile, we are going to offer Intune.

Technical support is very responsive and helpful. There's another issue that I raised related to Adobe Acrobat. I'm not sure if it's a region issue, but I'm in Macau, and we also have some users in Manila, Hong Kong, and Cyprus. All of us are using the same profile. I make the Adobe Reader application available on the manage app store, but somehow the users in Macau, when they go to the manage play store, are not able to see Adobe Reader on the list. It's only happening in Macau.

I raised this issue. Support dragged the issue on for two months. Support said, "Because all the applications go through the Play store, maybe you need to reach out to Google." The issue was not really resolved because the issue might not be related to Microsoft but Google, et cetera. I just gave up.

Compared to AirWatch, I can upload APKs or I can just redirect the Play store link to push the apps. But in Intune for example, I'm forced to upload all the applications through the managed app store. To make it available is a different process, basically. There are some things that don't really stretch forward. 

If I upload a custom APK in the manage Play store and then I want to remove it, I cannot remove it myself. I need to send an email to Google and ask them to remove it. Then they will ask me to unpublish the app for 24 hours first. These are very simple things that I should be able to control myself, and it wastes a lot of time.

I think if you have the money and want something more stable, you should go for AirWatch. I don't think Microsoft is offering the same stability as VMware at this point. On other hand, I think the support from Microsoft is better, particularly the support in Asia. In VMware, all the support is from India, and sometimes I have a hard time with them.

Now that I'm starting to be familiar with the profiles, it's starting to get easier. A few weeks ago, there was a very odd issue that happened also related to MDM devices where we were using the manage home screen application to lock down the apps that we wanted to allow only the users to use, like the kiosk application.

We have configured the profile and have deployed to 200 or 300 devices. Some of our users called and said suddenly all the mobile devices were flashing. I don't know what happened, but it happened at the same time. The workaround that I had to do was to remove the manage home screen from the profile. Then all of the devices were kicked out and went back to the home screen of the devices. That was the only way they could resume the mobile devices. I don't know what happened, but something was wrong with the manage home screen app on that day because a few days after, I pushed back and everything resumed.

We have ROI because we are retiring AirWatch, so we're spending less and making the most of the free stuff.

The licensing is on a yearly basis.

I would rate this solution 7 out of 10.

We operate call centers and provide our agents with laptops that they use from their home environment or home offices. We use Microsoft Intune to manage those laptops remotely. This remote management accounts for 99 percent of our use cases.

Microsoft Intune has effectively managed our patching needs, resulting in very few system-wide issues. While a small number of laptops occasionally fail to receive updates, the vast majority are patched successfully without manual intervention.

Microsoft Intune has enabled us to effectively manage our laptops, which is crucial for our involvement in civilian federal projects. The platform allows us to maintain a necessary security patch level and address any bugs that may arise, ensuring our devices are always secure and functional. Implementing Intune provides a cost-effective solution that would otherwise be prohibitively expensive.

Our Intune users, the IT group and system administrators, are happy with the system and have not reported any complaints.

The most valuable feature of Microsoft Intune is patching-related capabilities. This is because patches are constantly being released, and it requires us to stay current with bug-related and security-related patches, which is critical for our day-to-day operations. Intune's support in this area is crucial for us to maintain our laptops at a certain security patch level.

A more incisive reporting tool with automated progress updates and graphical representation would be beneficial, as the current manual method lacks efficiency and visual clarity.

I have been using the solution for about a year.

The stability of Microsoft Intune is ten out of ten. It has been very stable for us.

The scalability of Microsoft Intune is ten out of ten. Although we are not the largest company, it has never presented any scalability issues for us.

The customer service is above average. We have an Azure engineer on staff who handles troubleshooting. Although we have not had any major issues.

Positive

The initial setup is straightforward. We manage everything in-house with just a few commands needed before deploying laptops, never having to reconsider our processes.

We do everything ourselves without using a reseller or consultant.

We have never operated without Microsoft Intune, but it is apparent that it offers significant cost reductions. Operating without it would likely be prohibitively expensive, indicating a ninety-nine percent reduction in cost with Intune.

The alternative to Intune, sending out replacements for every issue, is prohibitively expensive. In contrast, Intune's pricing is reasonable considering its benefits and the high costs it helps avoid.

We evaluated other options that are tool-specific. For instance, our call center platform from NICE's CXone, has built-in Copilot-like capabilities. Nevertheless, Copilot remains our primary focus as it covers our entire spectrum of needs.

I rate Microsoft Intune nine out of ten.

We recently started using Copilot and find its support features very attractive. Our call center agents are internal customers who, like any customer, need occasional assistance with various issues. Copilot could benefit both IT and non-IT departments by providing faster service, self-guided troubleshooting, and access to relevant resources. For example, if an agent has an HR question, needs help with benefits, or experiences a technical issue like audio problems with their laptop, Copilot could guide them with self-service options or provide helpful files. This would empower our agents to resolve issues independently and efficiently. Our initial analysis suggests Copilot may have the potential to protect our environment, though our assessment is ongoing and we haven't begun implementation. Preliminary findings indicate it will be a valuable tool.

We use Intune for endpoint management to ensure they are updated with the latest patches. We also leverage Intune to oversee our applications and keep them current. Lastly, we employ Intune's remote tools for endpoint administration.

We implemented Intune to ensure our endpoints were updated.

Intune brings all our endpoints and security management tools into one place.

Intune is integrated with Defender to manage our security policies.

The user experience is good. Intune is easy to use and deploy.

Intune has significantly improved our IT productivity by automating the updates for Windows and third-party applications. This automation reduces costs and improves efficiency, allowing us to adopt a set-and-forget approach to software maintenance.

The automatic patching is the most valuable feature of Intune.

Intune needs to incorporate more tools to reduce the number of third-party applications we rely on. For instance, I currently use PatchMyPC to package new applications for Intune and then deploy them to endpoints. If Intune offered this functionality natively, we wouldn't need to rely so heavily on third-party applications.

I have been using Microsoft Intune for almost four years.

The technical support by Microsoft is terrible. 

Negative

The initial deployment was complex, requiring an expert for setup. It took one week to complete and involved one system administrator and me.

The implementation was completed in-house.

We have seen a return on investment from Intune through time saved, which correlates to around $20,000 per year.

I would rate Microsoft Intune seven out of ten. Intune is a valuable tool, but following the screen prompts can sometimes be challenging.

Two of us are responsible for the maintenance of Intune.

I support mobile technology for the Department of Homeland Security first responders nationwide, particularly in the weapons of mass destruction area. This diverse group includes first responders, firefighters, and police, explicitly located in high-risk urban areas like New York, including Northern New Jersey and Southern Connecticut, Chicago, San Francisco, and Washington D.C. Additionally, a mobile deployment group travels to major events like New Year's Eve in Times Square, Pro Bowls, Super Bowls, and World Series games, carrying chemical and biological detection devices with Microsoft Intune integrated into their mobile technologies.

Intune consolidates our endpoint and security management tools, providing a centralized solution for controlling security and ensuring compliance with the federal government, NIST, and ISO standards. This centralized control is crucial for maintaining a secure and compliant environment.

Endpoint analytics help proactively detect and remediate anomalies on endpoints. We receive alerts from various detection devices, including biological, radiological, and mobile platforms. A common challenge with Bluetooth or similar technologies is maintaining connectivity, whether it's Bluetooth or Wi-Fi. Additionally, we need to protect the Wi-Fi network itself. To address these security concerns, we often use proprietary connectivity protocols to ensure data integrity and prevent hacking, fraud, or unauthorized access.

Intune's Cloud PKI helps us manage our current and historical actions. We can easily access recurring tasks and look for common problems, which is an important attribute of using the cloud service.

For our benefit, Intune is very useful. However, the challenge is keeping it up to date and dealing with shift workers across different time zones. When deploying to the New York region, multiple fire and police departments use these devices. We maintain a database to track deployment status and device updates to ensure effective management. Devices unused for 90 days are suspended with the carrier to avoid higher fees for inactive devices. Although maintaining these devices can be challenging, we closely monitor them and collaborate with regional directors to ensure they are turned on at least every 90 days for automatic updates.

We use the privilege management feature exclusively for points of contact or location managers. Due to the group's diversity and the inclusion of shift workers, these individuals require specific access from an identity management perspective. We only permit access in these designated areas.

Intune saves costs for the federal government.

One reason my employer switched to Intune was the integration of Intune with Microsoft 365 and Microsoft Security.

We deploy applications and manage infrastructure based on specific needs, including lockdown services to prevent unauthorized app downloads. We utilize management controls for this purpose. Currently, it's a small environment consisting of approximately 20 major locations nationwide, with plans for future expansion. The management control feature is the most valuable.

Intune endpoint analytics can be challenging. However, factors like usage patterns, timeliness, and time of day can provide valuable insights. We must also consider help desk tiers, change management processes, and other relevant factors. We must prioritize user-friendly reporting over complex, jargon-filled explanations to present these analytics effectively to the federal mobility group and leaders countering weapons of mass destruction, who may need to be more technical experts.

I have been using Microsoft Intune for 18 months.

The technical support has been good. We have priority, given that we work with first responders.

Positive

Before I joined as a contractor consultant, the government used VMware. They changed vendors, and the new vendor convinced management that Microsoft Intune was superior to VMware. I disagreed, having done a lot of business with VMware over the years. I believe any VMware issues could be resolved with the proper account management and connections in production and development.

They believed Intune offered superior controls compared to VMware, but a thorough evaluation wasn't conducted. Instead of adhering to federal government regulations that mandate due diligence when switching technologies, they bypassed the process. They directly consulted the individual heading CWMD at the time, whose recommendation led to their employment and subsequent contract. Their justification for the switch to Microsoft Intune was based on their assertion that it would enable them to perform better. Typically, an in-depth evaluation is conducted before any transition, highlighting the differences to the federal government and justifying the necessity of the change. Cost-benefit analysis might be a factor, but not always the deciding one. Improved engineering, deployment models, and infrastructure management could all contribute to the rationale behind such a decision.

I would rate Microsoft Intune nine out of ten.

The user experience is a learning process, and it's improving. We primarily deal with shift workers who share devices, making identity management difficult and necessitating tighter security. For first responders, feedback and chemical and biological device management for alerts aren't the top priority. They focus on murders, robberies, thefts, fires, etc. Getting them to update their devices is challenging. We try to set it up so they only need to reconnect their devices every 90 days, but depending on the vulnerability, it might have to be done sooner.

Intune is a necessary tool, and we're currently undergoing a transformation with one vendor leaving and another coming in. This involves going through documentation, projects, upgrade requirements, and processes. MDM is only necessary due to the number of tools we have, including Sonim rugged mobile devices and Panasonic rugged desktops used in police cars, fire trucks, and other mobile settings. Dealing with Sonim is challenging because our contract is with the carriers, AT&T, Verizon, etc., not the federal government. Attestations and an executive order 14.28 about managing technology on these devices exist. Sonim is developed and manufactured in China, raising concerns about mobile technologies and managing them through third-party suppliers from non-friendly countries. All these factors contribute to the challenges in MDM.

I use Microsoft Intune to configure policies and manage devices.

We implemented Intune to manage devices for specific users and departments, including device ownership and access control.

I would rate the Intune user experience eight out of ten. About two years ago, I was a team leader with an apprentice. Before the apprentice arrived, we hired another employee who, on his first day, asked what Intune was. I was surprised he didn't know but was comfortable with it within a few days. In the last few years, Intune has been user-friendly.

Intune Suite provides robust security at the operating system level.

The enterprise application management feature is functioning well in its current state.

By leveraging cloud infrastructure instead of private systems, Intune has offered increased remote security and greater ease of access. While I still appreciate SCCM's capabilities, I am satisfied with Intune's performance.

I would rate Intune's ability to secure hybrid work and data on company devices as nine out of ten.

Due to the infrastructure being used, Intune has helped save a minimum of 30 percent of our cost.

It is important that Intune is integrated with Microsoft 365 and Microsoft Security for cloud and co-managed devices because integrating user accounts is easy.

Intune consolidates endpoint and security management tools into a single platform, but its exclusive focus on Microsoft devices necessitates supplementary solutions for Android and iOS. While Intune simplifies numerous tasks, it doesn't provide a comprehensive, all-in-one solution, requiring access to platforms like Azure or AD for specific functions. Although valuable, Intune's primary challenge in a corporate environment is the complexity arising from overlapping rights and processes across departments due to its extensive management capabilities. As a global admin, I would implement changes to address these complexities and streamline the management process.

Intune's role structure is overly complex, with too many layers creating unnecessary access hierarchies. While users can mitigate this by limiting active roles, I suggest streamlining the menu structure to improve usability. For instance, combining device lists for Autopilot and Intune would be beneficial, as these functions are closely related but currently separated. Redefining categories and consolidating menu paths would enhance navigation and make finding features easier. Essentially, I propose simplifying Intune's interface by better organizing its components.

I would like to see more tooltips, such as those brief descriptions that appear when you hover your mouse over something. For example, when you move your mouse over the "delete" button, a small box could pop up explaining that the object will be deleted but can be restored. This is especially important for grayed-out options. Users should be informed why they cannot perform certain actions, such as requiring a different role, object unavailability, or access through a different part of the system. Tooltips would significantly reduce the time I spend explaining these limitations to others.

Intune Suite's remote command functions could be improved for security. Internet connectivity is required for remote resets, and other actions are limited. I propose a potential solution involving automatic device lock after a specific period without check-in, allowing access only upon reconnecting to the internet. This would enable remote management functions without a constant internet connection. Additionally, the current unreliability of remote command execution, often requiring multiple attempts or restarts, is frustrating and needs addressing.

While the ability to deploy applications at startup is reliable, the policy-based application deployment method has not reached the same level of consistency. This inconsistency between the two methods is a key area for improvement, as reliable startup deployment is a benchmark for the desired level of reliability in policy-based installations.

Though reluctantly, we are utilizing Advanced Endpoint Analytics as application installs and compliance policy issues plague it. Comm client policy errors frequently skew statistics, providing an inaccurate representation of our day-to-day operations. These misleading metrics are largely due to other Intune component problems. While we can access analytics, we often manipulate data to exclude irrelevant demographics and metrics, such as application install failures, to produce more accurate reports. Similarly, device compliance statistics are unreliable indicators of fleet performance. While Advanced Endpoint Analytics offers potential utility, it primarily highlights underlying issues requiring resolution rather than providing actionable insights.

We can rectify endpoint anomalies. However, we overlook many others unless issues are exceptionally critical and high-priority. While Intune Analytics is a system component we utilize, its performance metrics are underwhelming. Conversely, our other ITSM infrastructure metrics are quite positive. Intune Analytics requires significant troubleshooting.

Intune is not as streamlined as SCCM but offers greater accessibility. While Intune is more assured, SCCM ultimately proved more efficient in terms of time spent.

I have been using Microsoft Intune for six years.

I would rate the stability of Microsoft Intune nine out of ten.

I would rate the scalability of Microsoft Intune nine out of ten.

The technical support is good.

Positive

I would rate Microsoft Intune seven out of ten.

We are working to expand Copilot's utility beyond its current primary use case of text-based summarization, which offers limited business value. While it aids productivity in meeting contexts, it does not significantly contribute to tasks that generate value. Consequently, we are investing resources in improving Copilot's capabilities without seeing commensurate returns.

Intune is an accessible system and one of the industry standards, so there's not a lot that you'll be left wanting.